<?

/*
*
*   Excalibur Content Management System
*   Copyright © 2008 Egor "Sontan" Kuryanovich
*
*   Based on Explay Engine v2.0 by Golovdinov Alexander
*
*   Official site: www.excms.ru
*   Contact e-mail: support@excms.ru
*
*   GNU General Public License original source:
*   http://www.gnu.org/licenses/gpl-3.0.html
*
*/

header('Cache-control: no-cache');
header('Content-type: text/html; charset=utf-8');

$EXCMS = "work";

ob_start(); 
ob_implicit_flush(0); 

$start_time = microtime(); 
$start_array = explode(" ",$start_time); 
$start_time = $start_array[1] + $start_array[0];

require_once "engine/functions.php";
require_once "engine/connect.php";

@mysql_query ("UPDATE ".DB_PEREFIX."_sessions SET page = 'Админпанель' WHERE sesid = '$unical_sesid'");



$theme = "admin";
require_once "themes/admin/main.php";


// REGISTRATION
// ============

$login_ = addslashes($_POST['login']);
$pass_ = expl_hash($_POST['pass']);
$remember = $_POST['remember'];
if (isset($_POST['remember'])) $time = time() + ($SITE['cookie_live'] * 86400);
else $time = time() + 7200;

if ($_GET['admin_mod'] == "enter") {
	if ($login_ == "" || $pass_ == "") print_big_authorization ("Не заполнено одно из полей", "index.php");
	else {
		$get_login = @mysql_query ("SELECT * FROM ".DB_PEREFIX."_users WHERE user_login = '$login_' && user_password = '$pass_'");
		if (mysql_num_rows($get_login) == 1) {
			$glog = mysql_fetch_array($get_login);
			
			setCookie ("login", $login_, $time);
			setCookie ("pass", $pass_, $time);
			
			$file = file ("engine/admin_pan_log.txt");
			if (count ($file) > 40) {
				$new_file = fopen ("engine/admin_pan_log.txt", "w");
				fclose ($new_file);
			}
			
			if ($file_log = @fopen ("engine/admin_pan_log.txt", "a+")) {
				@fwrite ($file_log, $login_."<==>".$_SERVER['REMOTE_ADDR']."<==>".time()."<==>true\n");
				@fclose ($file_log);
			}
				
			big_message ("Вы вошли как ".$glog['user_name'], "admin.php");
			exit;
			
		}
		else {
			$file = file ("engine/admin_pan_log.txt");
			if (count ($file) > 40) {
				$new_file = fopen ("engine/admin_pan_log.txt", "w");
				fclose ($new_file);
			}
			
			if ($file_log = @fopen ("engine/admin_pan_log.txt", "a+")) {
				@fwrite ($file_log, $login_."<==>".$_SERVER['REMOTE_ADDR']."<==>".time()."<==>false\n");
				@fclose ($file_log);
			}
			
			print_big_authorization ("Неправильный логин или пароль", "index.php");
			exit;
		}
	}
}

// ============
// REGISTRATION

if ($GLOBAL_USER['user_group'] != "admin") {
	if ($_GET['admin_mod'] != "enter") {
		print_big_authorization ("У вас нет прав для просмотра этой страницы!<br>Вы должны войти как администратор", "index.php");
		exit; 
	}
	else exit;
}



if (isset($_GET['name'])) $mod_name = $_GET['name'];
else $mod_name = "start";

if (isset($_GET['do'])) $do = $_GET['do'] ;
else $do = "";

print_header ("Панель администратора", $SITE['site_name']);

include "themes/admin/header.php";

left_r1();

if (isset($_GET['do'])) {
	if (file_exists("admin/$do.php")) require_once "admin/$do.php";
	else {
		site_error ("Нет файла администрирования");
		come_back ("панели администратора", "admin.php");
	}
}
elseif ($mod_name == "start") require_once "admin/panel.php";
else {
	$get_mod = @mysql_query ("SELECT module_admin FROM ".DB_PEREFIX."_modules WHERE module_name = '$mod_name'");
	
	if ($get_mod) {
	 $mod = mysql_fetch_array ($get_mod);
	 
	 if ($mod['module_admin'] != "") {
	 	if (file_exists($mod['module_admin'])) require_once $mod['module_admin'];
	 	else {
			site_error ("Нет файла администрирования");
			come_back ("панели администратора", "admin.php");
		}
	 }
	 else site_error ("Управление модулем запрещено");
	}
	else site_error ("Нет такого модуля");
}

center_e ();

include "themes/admin/footer.php";

$end_time = microtime(); 
$end_array = explode(" ",$end_time); 
$end_time = $end_array[1] + $end_array[0]; 
$time = $end_time - $start_time; 
printf("\n<!-- Страница сгенерирована за %f секунд -->\n\n",$time);


ob_end_flush(); 
exit; 
